Executive Summary
Summary | |
---|---|
Title | New ethereal packages fix execution of arbitrary code |
Informations | |||
---|---|---|---|
Name | DSA-1171 | First vendor Publication | 2006-09-07 |
Vendor | Debian | Last vendor Modification | 2006-09-07 |
Severity (Vendor) | N/A | Revision | 1 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Several remote vulnerabilities have been discovered in the Ethereal network scanner, which may lead to the execution of arbitrary code. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2006-4333 It was discovered that the Q.2391 dissector is vulnerable to denial of service caused by memory exhaustion. CVE-2005-3241 It was discovered that the FC-FCS, RSVP and ISIS-LSP dissectors are vulnerable to denial of service caused by memory exhaustion. CVE-2005-3242 It was discovered that the IrDA and SMB dissectors are vulnerable to denial of service caused by memory corruption. CVE-2005-3243 It was discovered that the SLIMP3 and AgentX dissectors are vulnerable to code injection caused by buffer overflows. CVE-2005-3244 It was discovered that the BER dissector is vulnerable to denial of service caused by an infinite loop. CVE-2005-3246 It was discovered that the NCP and RTnet dissectors are vulnerable to denial of service caused by a null pointer dereference. CVE-2005-3248 It was discovered that the X11 dissector is vulnerable denial of service caused by a division through zero. This update also fixes a 64 bit-specific regression in the ASN.1 decoder, which has been introduced in a previous DSA. For the stable distribution (sarge) these problems have been fixed in version 0.10.10-2sarge8. For the unstable distribution (sid) these problems have been fixed in version 0.99.2-5.1 of wireshark, the network sniffer formerly known as ethereal. We recommend that you upgrade your ethereal packages. |
Original Source
Url : http://www.debian.org/security/2006/dsa-1171 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10303 | |||
Oval ID: | oval:org.mitre.oval:def:10303 | ||
Title: | Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors. | ||
Description: | Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (null dereference) via unknown vectors in the (1) SCSI, (2) sFlow, or (3) RTnet dissectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3246 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10558 | |||
Oval ID: | oval:org.mitre.oval:def:10558 | ||
Title: | Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled. | ||
Description: | Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (crash) via unknown vectors in (1) the IrDA dissector and (2) the SMB dissector when SMB transaction payload reassembly is enabled. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3242 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:10582 | |||
Oval ID: | oval:org.mitre.oval:def:10582 | ||
Title: | Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector. | ||
Description: | Multiple vulnerabilities in Ethereal 0.10.12 and earlier allow remote attackers to cause a denial of service (memory consumption) via unspecified vectors in the (1) ISAKMP, (2) FC-FCS, (3) RSVP, and (4) ISIS LSP dissector. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3241 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11002 | |||
Oval ID: | oval:org.mitre.oval:def:11002 | ||
Title: | Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors. | ||
Description: | Unspecified vulnerability in the X11 dissector in Ethereal 0.10.12 and earlier allows remote attackers to cause a denial of service (divide-by-zero) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3248 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:11801 | |||
Oval ID: | oval:org.mitre.oval:def:11801 | ||
Title: | The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | ||
Description: | The SSCOP dissector in Wireshark (formerly Ethereal) before 0.99.3 allows remote attackers to cause a denial of service (resource consumption) via malformed packets that cause the Q.2391 dissector to use excessive memory. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2006-4333 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9665 | |||
Oval ID: | oval:org.mitre.oval:def:9665 | ||
Title: | The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Description: | The BER dissector in Ethereal 0.10.3 to 0.10.12 allows remote attackers to cause a denial of service (infinite loop) via unknown vectors. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3244 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:9836 | |||
Oval ID: | oval:org.mitre.oval:def:9836 | ||
Title: | Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. | ||
Description: | Multiple buffer overflows in Ethereal 0.10.12 and earlier might allow remote attackers to execute arbitrary code via unknown vectors in the (1) SLIMP3 and (2) AgentX dissector. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2005-3243 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 3 CentOS Linux 3 Red Hat Enterprise Linux 4 CentOS Linux 4 Oracle Linux 4 | Product(s): | |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
OpenVAS Exploits
Date | Description |
---|---|
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5016073.nasl |
2009-10-10 | Name : SLES9: Security update for ethereal File : nvt/sles9p5021746.nasl |
2009-02-27 | Name : Fedora Update for wireshark FEDORA-2007-207 File : nvt/gb_fedora_2007_207_wireshark_fc5.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200510-25 (Ethereal) File : nvt/glsa_200510_25.nasl |
2008-09-24 | Name : Gentoo Security Advisory GLSA 200608-26 (wireshark) File : nvt/glsa_200608_26.nasl |
2008-01-17 | Name : Debian Security Advisory DSA 1171-1 (ethereal) File : nvt/deb_1171_1.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
28199 | Wireshark Q.2931 Dissector Crafted Packet Remote DoS |
20135 | Ethereal AgentX Dissector Remote Overflow Ethereal contains an unspecified flaw related to a buffer overflow in the AgentX dissector that may allow an attacker to execute arbitrary code. No further details have been provided. |
20134 | Ethereal X11 Dissector Divide by Zero DoS Ethereal contains a flaw related to the X11 dissector that results in a divide by zero error, which may allow a remote attacker to cause a denial of service. No further details have been provided. |
20133 | Ethereal SMB Dissector Transaction Payload Reassembly DoS Ethereal contains a flaw related to the SMB transaction payload reassembly preference, which may allow a remote attacker to crash the SMB dissector. No further details have been provided. Note: this preference is disabled by default. |
20131 | Ethereal RTnet Dissector Null Pointer Dereference DoS Ethereal contains a flaw related to the RTnet dissector that could dereference a null pointer, which may allow a remote attacker to crash the application. No further details have been provided. |
20130 | Ethereal sFlow Dissector Null Pointer Dereference DoS Ethereal contains a flaw related to the sFlow dissector that could dereference a null pointer, which may allow a remote attacker to crash the application. No further details have been provided. |
20128 | Ethereal SCSI Dissector Null Pointer Dereference DoS Ethereal contains a flaw related to the SCSI dissector that could dereference a null pointer, which may allow a remote attacker to crash the application. No further details have been provided. |
20127 | Ethereal BER Dissector Infinite Loop DoS Ethereal contains a flaw related to the BER dissector that may allow a remote attacker to cause the application to enter an infinite loop. No further details have been provided. |
20126 | Ethereal SLIMP3 Dissector Remote Overflow Ethereal contains an unspecified flaw related to the SLIMP3 dissector that may allow an attacker to execute arbitrary code. No further details have been provided. |
20125 | Ethereal IrDA Dissector Unspecified DoS Ethereal contains a flaw related to the IrDA dissector that may allow a remote attacker to cause a denial of service. No further details have been provided. |
20124 | Ethereal ISIS LSP Dissector Memory Exhaustion DoS Ethereal contains a flaw related to the ISIS LSP dissector that may allow a remote attacker to cause the application to consume all available system memory. No further details have been provided. |
20123 | Ethereal RSVP Dissector Memory Exhaustion DoS Ethereal contains a flaw related to the RSVP dissector that may allow a remote attacker to cause the application to consume all available system memory. No further details have been provided. |
20122 | Ethereal FC-FCS Dissector Memory Exhaustion DoS Ethereal contains a flaw related to the FC-FCS dissector that may allow a remote attacker to cause the application to consume all available system memory. No further details have been provided. |
20121 | Ethereal ISAKMP Dissector Memory Exhaustion DoS Ethereal contains a flaw related to the ISAKMP dissector that may allow a remote attacker to cause the application to consume all available system memory. No further details have been provided. |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-07-12 | Name : The remote Oracle Linux host is missing a security update. File : oraclelinux_ELSA-2006-0726.nasl - Type : ACT_GATHER_INFO |
2007-12-13 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_ethereal-2028.nasl - Type : ACT_GATHER_INFO |
2007-10-17 | Name : The remote openSUSE host is missing a security update. File : suse_ethereal-2029.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-1140.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-1141.nasl - Type : ACT_GATHER_INFO |
2007-01-17 | Name : The remote Fedora Core host is missing a security update. File : fedora_2006-936.nasl - Type : ACT_GATHER_INFO |
2006-12-16 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2006-152.nasl - Type : ACT_GATHER_INFO |
2006-10-14 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1171.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2006-0658.nasl - Type : ACT_GATHER_INFO |
2006-09-14 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2006-0658.nasl - Type : ACT_GATHER_INFO |
2006-08-30 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200608-26.nasl - Type : ACT_GATHER_INFO |
2006-07-03 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2005-809.nasl - Type : ACT_GATHER_INFO |
2006-01-15 | Name : The remote Mandrake Linux host is missing one or more security updates. File : mandrake_MDKSA-2005-193.nasl - Type : ACT_GATHER_INFO |
2005-11-02 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200510-25.nasl - Type : ACT_GATHER_INFO |
2005-10-28 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2005-809.nasl - Type : ACT_GATHER_INFO |
2005-10-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-1011.nasl - Type : ACT_GATHER_INFO |
2005-10-24 | Name : The remote Fedora Core host is missing a security update. File : fedora_2005-1008.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-02-17 11:26:11 |
|